Modern aircraft are highly sophisticated machines that undergo rigorous testing and certifications. Yet, no matter how many advanced systems are on board or how thoroughly an aircraft is checked, secure flying still depends on pilots and the processes that support them. In other words, there is still a clear line between the platform we ride into the air and the entity that operates that platform. And when warning lights appear during unexpected in-flight events (the weather, mechanical, security or any other cause) – it’s not the plane’s certifications that count, it’s the pilot’s situational awareness and response. It’s the same in cybersecurity. For the past decade, we’ve been legitimately focused on building out our infrastructure – devices, servers, software, platforms, playbooks, tools, processes, incident response procedures and certifications. We’ve been concentrating on building and equipping our ‘planes’ to be secure.
Yet, while these efforts should continue, today, the industry has matured. We’re at the point where building infrastructure alone is not sufficient. We need to see how all those moving parts can work better together. There’s a…
